When it comes to plugins I see have tens of thousands of weekly downloads, like nodemailer for example, I also notice that they have a large amount of ‘high’ vulnerability warnings and was wondering on how I should proceed in since I intended to use it in a production environment.